1306.18
Security procedures.

(A)
If there
is a security procedure between the parties with respect to an electronic
signature or electronic record, both of the following apply:

(1)
The effect of compliance with a security
procedure established by a law or regulation is determined by that law or
regulation.

(2)
In all other cases
than those described in division (A)(1) of this section, if the parties agree
to use or otherwise knowingly adopt a security procedure to verify the person
from which an electronic signature or electronic record has been sent, the
electronic signature or electronic record is attributable to the person
identified by the security procedure, if the person relying on the attribution
establishes all of the following:

(b)
The party accepted or relied on the
electronic message in good faith and in compliance with the security procedure
and any additional agreement with or separate instructions of the other party.

(c)
The security procedure
indicates that the electronic message is from the person to which attribution
is sought.

(B)
If the electronic signature or electronic record
is not attributable to a party under section
1306.08 of the Revised Code but is
attributable to the party under other provisions of this section, then,
notwithstanding the other provisions of this section, the electronic signature
or electronic record is not attributable to the party if the party establishes
that the electronic signature or electronic record was caused directly or
indirectly by a person meeting any of the following:

(1)
The person was not entrusted at any time
with the right or duty to act for the party with respect to such electronic
signature or electronic record or security procedure.

(2)
The person lawfully obtained access to
transmitting facilities of the party, if such access facilitated the misuse of
the security procedure.

(3)
The
person obtained, from a source controlled by the party, information
facilitating misuse of the security procedure.

(C)
If the parties use a commercially reasonable
security procedure to detect errors or changes with respect to an electronic
signature or electronic record, both of the following apply:

(1)
The effect of a security procedure is
determined by the agreement between the parties, or, in the absence of an
agreement, by this section or any law establishing the security procedure.

(2)
Unless the circumstances
indicate otherwise, if a security procedure indicates that an electronic
signature or electronic record has not been altered since a particular time, it
shall be treated as not having been altered since that time.